CVE-2019-25487
Sapido · RB-1732
Sapido RB-1732 V2.0.43 is vulnerable to unauthenticated remote command execution via the formSysCmd endpoint, allowing attackers to execute arbitrary shell commands with router privileges.
Executive summary
An unauthenticated remote command execution vulnerability in Sapido RB-1732 routers allows attackers to gain full administrative control of the device by sending malicious POST requests.
Vulnerability
This critical flaw is a remote command execution (RCE) vulnerability in the formSysCmd endpoint. An unauthenticated attacker can supply arbitrary shell commands through the sysCmd parameter of a POST request, and the device executes them with router privileges.
Business impact
A successful exploit grants an attacker total control over the network router, leading to potential traffic interception, DNS hijacking, and a complete breach of the local network perimeter. The CVSS score of 9.8 reflects the critical nature of this vulnerability, as it requires no user interaction or authentication to achieve full system compromise.
Remediation
Immediate Action: Administrators should immediately update Sapido RB-1732 devices to the latest available firmware version or replace the legacy hardware if updates are no longer supported.
Proactive Monitoring: Monitor network traffic for unusual POST requests directed at the /formSysCmd endpoint and review router logs for unauthorized configuration changes.
Compensating Controls: Restrict access to the router’s web management interface to trusted internal IP addresses only and disable remote management features over the WAN.
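As an added example, not part of this advisory, the following Python detector implements the monitoring guidance above: it scans web-server access-log lines for POST requests to /formSysCmd and for any management-interface request arriving from outside a trusted admin network. The Common Log Format, the trusted range 192.168.1.0/24 and the sample log lines are constructed assumptions, not data from an affected device.

```python
import ipaddress
import re
from typing import Dict, List

# Constructed sample access-log lines (Common Log Format); not real router logs.
SAMPLE_LOG = """\
192.168.1.10 - - [10/Mar/2024:10:01:02 +0000] "GET /index.htm HTTP/1.1" 200 1432
203.0.113.45 - - [10/Mar/2024:10:02:17 +0000] "POST /formSysCmd HTTP/1.1" 200 512
192.168.1.22 - - [10/Mar/2024:10:03:40 +0000] "POST /formSysCmd HTTP/1.1" 200 498
198.51.100.7 - - [10/Mar/2024:10:04:05 +0000] "GET /status.htm HTTP/1.1" 403 0
"""

# Assumption: the only network that should reach the management interface.
TRUSTED_NETS = [ipaddress.ip_network("192.168.1.0/24")]

# Endpoint named in the advisory; any POST here is worth an alert.
VULN_ENDPOINT = "/formSysCmd"

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)


def is_trusted(ip: str) -> bool:
    """True if the client address falls inside an allowed admin network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED_NETS)


def analyse(log_text: str) -> List[Dict[str, str]]:
    """Return one finding per suspicious line, with a severity and reasons."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not parse rather than guessing
        ip, method, status = m["ip"], m["method"], m["status"]
        path = m["path"].split("?", 1)[0]  # ignore query string when matching
        reasons = []
        if method == "POST" and path == VULN_ENDPOINT:
            reasons.append("POST to /formSysCmd (CVE-2019-25487 endpoint)")
        if not is_trusted(ip):
            reasons.append("management interface reached from untrusted address")
        if not reasons:
            continue
        severity = {2: "critical", 1: "high" if reasons[0].startswith("POST") else "medium"}[len(reasons)]
        findings.append({"ip": ip, "ts": m["ts"], "request": f"{method} {path}",
                         "status": status, "severity": severity, "reason": "; ".join(reasons)})
    return findings
```

Run it against a real access log by passing the file contents to `analyse`; a "critical" finding (vulnerable endpoint hit from an untrusted address) is the pattern this advisory warns about.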
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability represents a significant risk to network integrity and data privacy. Organizations using this hardware must prioritize firmware updates or hardware decommissioning immediately to prevent unauthorized access and potential lateral movement within the network.